In order to add something to the cart or proceed to the checkout, user must be past authentication (he must be logged in), or the client must request an anonymous token, which is an equivalent of a session id. Both being logged in, as well as having an anonymous token, let user perform any operation related to his shopping cart/account and checkout.
Getting the token for logged in user
Request:
POST https://api.tipser.com/v4/auth
Body:
{
email: "[email protected]"
password:"secret!s4uce"
}
The response of this request, given the credentials are correct, will return a token in the response body. Head out to *Working with user tokens section for a guide on how to use the token.
Getting an anonymous token
GET https://api.tipser.com/v3/auth/anonymousToken
The response of this request will always return a token in the response body. Head out to *Working with user tokens section for a guide on how to use the token.
Working with user tokens
Token is an identifier returned both after successful logging in or getting anonymous token. In every case, the token is returned as the response body.
Example token (trimmed)
eyJraWQiOm51bGwsImFsZyI6IlJTNTEyIn0...
To make any operation on cart/user profile and any other resource requiring or making a use of the user identity, the token must be added to the request header:
Authorization: Bearer eyJraWQiOm51...
Validation the token
Token lives for a limited time. In order to check if the order is still valid, use:
GET https://api.tipser.com/v3/auth/token
Authorization: Bearer [token]
If the token is still valid, you will get the same token echoed in response.
If the token is still valid, but soon to expire, you'll get the new token that will prolong the session.
If the token is not valid, you'll get a TOKEN_INVALID response.